// the find
Netflix/hubcommander
A Slack bot for GitHub organization management -- and other things too
HubCommander is a Slack bot that wraps GitHub org admin actions — creating repos, managing collaborators, toggling branch protection — so you can delegate those tasks to team members without handing out org owner access. It's built on Slack's old RTM API and targets orgs that do chatops-style workflows. Practically a Netflix-internal tool that was open-sourced.
Duo 2FA integration for sensitive commands is genuinely useful and not something you'd want to roll yourself. The plugin architecture is clean — adding a new command means dropping a file in the right directory, not touching core code. Docker image included means you can stand it up in an afternoon. Ephemeral Slack messages for sensitive output is the right call security-wise.
Built on python-rtmbot 0.4.0 and Slack's RTM API, which Slack deprecated in 2021 — this thing is on borrowed time or already broken for new Slack workspaces. Travis CI references everywhere signal this hasn't been meaningfully maintained; the badge links are probably stale. Requires a GitHub bot account with org owner privileges, which is the exact blast radius problem it claims to solve — you've just moved the risk from humans to a bot token. No mention of GitHub Apps or fine-grained tokens, which have been the right approach for years.